26 Sept 2009

MDM SP1 SCW Manifests

Before deploying servers into the production environment at work, we run the Security Configuration Wizard to harden the Operating System. Hardening involves such things as disabling unnecessary Services, adjusting authentication methods and setting Windows Firewall Exception in an effort to reduce the overall attach surface of the Operating System. While Server 2003 SP1 includes a number of default templates, additional templates are available for download on the Internet.

As part of the MDM deployment that I'm involved with, I've been looking to harden the servers before they go live. The MDM Dev Team at Microsoft were kind enough to create manifests and bundle them in the MDM SP1 Server Resource Kit. I've yet to try them but I expect them to function as the others do. The MDM SP1 Resource Kit can be downloaded here.

2 Sept 2009

64bit VM on a 32bit OS with VMware Workstation

I'm in the process of deploying MS SCMDM SP1 and have decided to first install the various components (MDM Gateway, Enrolment and Management Servers) in a isolated local VMware Environment before doing the live install. I stumbled upon a problem with running the 64bit Windows 2003 OS on my 32bit Windows XP laptop OS. Basically VMware Workstation was complaining that the CPU on the laptop was not compatible with the 64bit OS that i was trying to run on the VM.

There was two steps to resolve this;

  • Enable Intel Virtualisation Technology in my laptop's BIOS
  • Power off the laptop and then power on (a hot restart was not enough for this BIOS option to be recognised.)
There's also a handy CPU tester from VMware which will check your Host CPU for 32/64bit compatibility. It can be found here